Browse Source

Latest Docs

master
Josh Mudge 6 months ago
commit
33b2f36db5
8 changed files with 87 additions and 0 deletions
  1. +1
    -0
      .gitignore
  2. BIN
      All/Powershelladmin.png
  3. +86
    -0
      All/Sign Using OV Cert.md
  4. BIN
      All/addfirewallrule.png
  5. BIN
      All/adminpromptnewcert.png
  6. BIN
      All/developerprompt.png
  7. BIN
      All/donesigning.png
  8. BIN
      All/signfile.png

+ 1
- 0
.gitignore View File

@@ -0,0 +1 @@
**/git

BIN
All/Powershelladmin.png View File

Before After
Width: 777  |  Height: 684  |  Size: 46KB

+ 86
- 0
All/Sign Using OV Cert.md View File

@@ -0,0 +1,86 @@
# Purpose

We're going to be looking at how to get a code-signing certificate, how to sign code with it and use that to create a setup file. This setup file will contain another signed file that will launch a basic web server. The setup file will create a firewall rule for the server so it won't need to prompt the user with a firewall settings prompt.

# Obtaining a Code Signing Certificate

Purhcase a code-signing certificate: https://cheapsslsecurity.com/comodo/codesigningcertificate.html
Be aware that you will likely need to create a Dun & Bradstreet listing, depending on the company you order the certificate from: https://www.dandb.com/businessdirectory/products/ (this is free)
The validation process will take 1-3 business days if you have entered all of your business information correctly and give them your D-U-N-S (Dun & Bradstreet) number. After you receive an email containing a link to the certificate, follow these directions in the **exact same** browser as the one you used to request the certificate : https://cheapsslsecurity.com/downloads.aspx?ispdf=true&iscs=true&filenm=Comodo_Code_Signing_Collection_Guide.pdf

# Signing a File

[Screenshot] Next, you will need to install Visual Studio with the "Universal Windows App Development Tools" workload. You can click on the list of sub-items and un-select everything except the Windows 10 SDK. You can download Visual Studio here: https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=Community&rel=16

Open a "Developer Command Prompt for VS".

![](developerprompt.png)

```
# Sign a file with your certificate.
SignTool sign /t http://timestamp.comodoca.com /f codesigning.p12 /p <Password> file.exe
```

![](signfile.png)

You should see something like this:

![](donesigning.png)

# Creating the Setup File

I'm using a few different Go tools to allow us to create the web server, a firewall rule and put the server file inside our setup app.

## Server

First of all, you'll want to install Golang: https://golang.org/dl/
Then you'll want to install [goversioninfo](https://github.com/josephspurrier/goversioninfo) by running the following in a command prompt:

```
go get github.com/josephspurrier/goversioninfo/cmd/goversioninfo
```

This will allow us to set the name of the program, version, etc. and most importantly, which manifest file to use.

[Configuration options / usage.]

## Firewall Rule

go-powershell

```
# working directory is dir
dir, err := os.Getwd()
if err != nil {
log.Fatal(err)
}
```
Might have to create another variable set to the string and add the path.

```
# This command will create the firewall rule.
New-NetFirewallRule -DisplayName "Name of Rule" -Direction Inbound -Program "C:\path\to\app\file.exe" -Action Allow
```

You should see something like this:

![](addfirewallrule.png)

Manifest file:

```
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="requireAdministrator" uiAccess="false"/>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
```

## Put Server In Setup File

fileb0x

BIN
All/addfirewallrule.png View File

Before After
Width: 862  |  Height: 703  |  Size: 36KB

BIN
All/adminpromptnewcert.png View File

Before After
Width: 458  |  Height: 334  |  Size: 16KB

BIN
All/developerprompt.png View File

Before After
Width: 784  |  Height: 676  |  Size: 50KB

BIN
All/donesigning.png View File

Before After
Width: 979  |  Height: 510  |  Size: 20KB

BIN
All/signfile.png View File

Before After
Width: 978  |  Height: 514  |  Size: 17KB

Loading…
Cancel
Save